required
The time at which this data payload was valid. When sending events in realtime, this will usually be 'now'. This is used to merge data that arrives out-of-order.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
An eventType should identify what event in your system triggered this API call.
Pattern: ^[a-zA-Z0-9][a-zA-Z0-9-_]*$
|
optional
The unique identifier of the customer. If your system allows anonymous
checkout then we recommend making this the customer's email address.
|
optional
A temporary ID for a customer when the real account ID has yet to be
minted. This must eventually be sent in conjunction with a real customer
ID to migrate the data into the full customer account.
|
optional
The payment method being registered by the customer.
One of the following:
|
card : A credit or debit card.
Show definition
|
required
Vault card payment method indicator.
One of:
card , creditcard , or debitcard .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
The card network or scheme, such as visa or mastercard. Ravelin will identify the scheme on your behalf if you send the cardBin, which should be preferred.
|
important
A unique identifier for the physical card, shared between customers. Used
to link cards in Connect. Must not be a hash of the PAN.
If you use multiple PSPs who each generate their own equivalent of an
instrumentId, you should consider prefixing their values to indicate
their origin to avoid collisions. Common examples include Stripe's
fingerprint,
or Braintree's
unique_number_identifier).
|
pci, optional
The full Primary Account Number of the card. Used by Ravelin to determine the
instrumentId for this card. If specified, you do not need to provide instrumentId , cardBin
or cardLastFour .</br></br>
Only PCI DSS SAQ-D certified merchants should submit the PAN to Ravelin. You must not send requests
containing this field to api.ravelin.com , and must instead use pci.ravelin.com .</br></br>
Please see <a href='/guides/pci'>our PCI DSS documentation</a> for more information.
|
important
The first six digits of the card number/PAN. The Bank Identification
Number (BIN), recently more commonly known as the Issuer
Identification Number (IIN).
Given the BIN, Ravelin will populate the issuer, country of issuance,
and card type on your behalf.
|
important
The last four digits of the card number/PAN.
|
optional
The card issuer, who the true cardholder will report fraud to. Ravelin
will identify the issuer on your behalf if you send the cardBin ,
which should be preferred.
|
optional
Whether this is a prepaid debit card. Ravelin will identify whether
the card is prepaid on your behalf if you send the cardBin which
should be preferred.
|
optional
The country that the card was issued in. Ravelin will identify the
country of issuance on your behalf if you send the cardBin , which
should be preferred.
A ISO 3166-1 Alpha 3
or Alpha 2 country
code.
|
important
The expiry month of the card.
|
important
The expiry year of the card.
|
deprecated
The e-Wallet to which the customer associated the card.
One of:
applepay , googlepay , samsungpay , amazonpay , or visacheckout .
|
important
|
important
The address of the registered cardholder, as used to pass
AVS
checks. It is common to have fewer location details for this address,
but provide what you have.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
Whether this payment method is a corporate card.
|
optional
Whether this payment method is a virtual card.
|
successfulRegistration
boolean
optional
Whether the card was successfully registered with your gateway/PSP.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the payment method was last verified by the customer.
An example mechanism would be a random amount charged to the
customer's card that they can confirm the amount of.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Whether the card has been compromised.
|
important
The reason why the card is considered compromised.
One of:
cloned , databreach , found , lost , stolen , frozen , defrosted , or uncompromised .
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
Whether this card is still saved to the customer's account.
|
deprecated
Whether this card has been banned.
|
deprecated
The nickname the customer has given the payment method.
|
deprecated
The card network or scheme, such as visa or mastercard . Ravelin
will identify the cardType on your behalf if you send the cardBin ,
which should be preferred.
|
|
paymentMethodCipher : An encrypted payment method, containing the full card details encrypted via a
Ravelin SDK.
Show definition
|
required
Client-side encrypted card payment method indicator.
Only:
paymentMethodCipher .
|
required, pci
The card ciphertext produced by the Ravelin SDK card encryption.
This field constitutes cardholder data, and submission of this field therefore requires PCI DSS
SAQ-A or SAQ-AEP certification. You must not send requests containing this field to
api.ravelin.com , and must instead use pci.ravelin.com .
Please see our PCI DSS documentation for more information.</p>
|
required
The AES Key ciphertext produced by the Ravelin SDK card encryption.
|
required
The algorithm used to generate the ciphertexts.
|
optional
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
The version of the Ravelin SDK that performed this encryption.
|
optional
The index of the public RSA key used to encrypt the card.
|
optional
An identifier for the public key used during encryption.
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
When the payment method was added to the customer's account. Note: this is not the card start date.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
deprecated
The version of the ravelinjs library that performed this encryption.
|
|
cash : The customer is paying in cash, or a cash-based payment method.
Show definition
|
required
Indicator of a cash payment, or cash-based payment method (e.g. paysafecard).
Only:
cash .
|
optional
The name of the cash-based payment service used, if applicable.
|
|
bankaccount : Bank Accounts.
Show definition
|
required
Only:
bankaccount .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
The type of transfer: whether the customer is initiating the payment, or you are withdrawing funds from the customer's bank account based on an agreement to initiate payments on their behalf. Use "push" for a customer-initiated payment (e.g. a bank transfer) and "pull" for a merchant-initiated payment (e.g. Direct Debit).
One of:
push , or pull .
|
important
The name of the payment scheme or instrument used for the transfer of funds.
|
optional
IBAN (International Bank Account Number)
Following the ISO 13616:2007 standard.
|
optional
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the account owner.
|
optional
Code assigned by central bank to identify bank that account is associated with.
Multiple bank code formats are supported.
|
optional
Name of bank which account belongs to.
|
optional
BIC - business identifier code for banks and other institutions.
Following the ISO9362 standard.
|
optional
The account number issued by the bank.
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
paypal : PayPal payments.
Show definition
|
required
Only:
paypal .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
|
important
|
optional
The address of the account holder. It is common to have fewer location
details for this address, but provide what you have.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the payment method was last verified by the customer.
An example mechanism would be a random amount charged to the
customer's card that they can confirm the amount of.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
optional
|
optional
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
If the payment method has been banned
|
deprecated
Whether the payment method is active for use by this account
|
|
credit : This payment method type should be used for any payments made using credit that a customer has with the merchant.
Show definition
|
required
Credit payment indicator.
Only:
credit .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
The name of the store credit scheme used as a payment method, if applicable.
|
optional
When the payment method was added to the customer's account.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
invoice : This payment method should be used whenever the merchant provides credit to the customer.
Show definition
|
required
Invoice payment indicator.
Only:
invoice .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
important
The name of the invoice or 'buy now, pay later' scheme used, if applicable.
|
optional
When the payment method was added to the customer's account.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The email address used by the customer to register an invoice or 'buy now, pay later' payment method.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
wallet : A digital wallet payment method.
Show definition
|
required
Vault card payment method indicator.
Only:
wallet .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
The name of the digital wallet scheme or electronic payment service.
|
optional
The card network or scheme of the card used within a wallet payment method,
such as visa or mastercard. Ravelin will identify the cardScheme on your behalf
if you send the cardBin, which should be preferred.
|
important
A unique identifier for the physical card, shared between customers. Used
to link cards in Connect. Must not be a hash of the PAN.
If you use multiple PSPs who each generate their own equivalent of an
instrumentId, you should consider prefixing their values to indicate
their origin to avoid collisions. Common examples include Stripe's
fingerprint,
or Braintree's
unique_number_identifier).
|
pci, optional
The full Primary Account Number of the card. Used by Ravelin to determine the
instrumentId for this card. If specified, you do not need to provide instrumentId , cardBin
or cardLastFour .</br></br>
Only PCI DSS SAQ-D certified merchants should submit the PAN to Ravelin. You must not send requests
containing this field to api.ravelin.com , and must instead use pci.ravelin.com .</br></br>
Please see <a href='/guides/pci'>our PCI DSS documentation</a> for more information.
|
important
The first six digits of the card number/PAN. The Bank Identification
Number (BIN), recently more commonly known as the Issuer
Identification Number (IIN).
Given the BIN, Ravelin will populate the issuer, country of issuance,
and card type on your behalf.
|
important
The last four digits of the card number/PAN.
|
deprecated
The card network or scheme, such as visa or mastercard . Ravelin
will identify the cardType on your behalf if you send the cardBin ,
which should be preferred.
|
optional
The card issuer, who the true cardholder will report fraud to. Ravelin
will identify the issuer on your behalf if you send the cardBin ,
which should be preferred.
|
optional
Whether this is a prepaid debit card. Ravelin will identify whether
the card is prepaid on your behalf if you send the cardBin which
should be preferred.
|
optional
The country that the card was issued in. Ravelin will identify the
country of issuance on your behalf if you send the cardBin , which
should be preferred.
A ISO 3166-1 Alpha 3
or Alpha 2 country
code.
|
important
The expiry month of the card.
|
important
The expiry year of the card.
|
important
|
important
The address of the registered cardholder, as used to pass
AVS
checks. It is common to have fewer location details for this address,
but provide what you have.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
successfulRegistration
boolean
optional
Whether the card was successfully registered with your gateway/PSP.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
The time at which the payment method was last verified by the customer.
An example mechanism would be a random amount charged to the
customer's card that they can confirm the amount of.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
Whether this card is still saved to the customer's account.
|
deprecated
Whether this card has been banned.
|
deprecated
The nickname the customer has given the payment method.
|
|
fromTransaction : Refer to the payment method used by a named transaction.
For usage examples, see
Saving payment methods after checkout
and Associating refunds with payment methods.
Show definition
|
required
Only:
fromTransaction .
|
important
The transaction ID to look up the payment method from.
|
important
The gateway that the transaction was processed through.
|
important
The gateway ref provided by the gateway for the transaction.
|
optional
|
|
directdebit : Direct Debits. - deprecated.
Show definition
|
required
Only:
directdebit .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
Only:
directdebit .
|
required
The type of direct debit scheme.
One of:
autogiro , bacs , becs , becsnz , betalingsservice , or sepa .
|
optional
IBAN (International Bank Account Number)
Following the ISO 13616:2007 standard.
|
optional
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the account owner.
|
optional
Code assigned by central bank to identify bank that account is associated with.
Multiple bank code formats are supported.
|
optional
Name of bank which account belongs to.
|
optional
BIC - business identifier code for banks and other institutions.
Following the ISO9362 standard.
|
optional
The account number issued by the bank.
|
optional
The unique reference issued for the direct debit mandate.
|
optional
A URL to access the direct debit mandate agreement.
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
banktransfer : Bank Transfers. - deprecated.
Show definition
|
required
Only:
banktransfer .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
One of:
bancontact , eps , giropay , ideal , inghomepay , sofort , or sepa .
|
optional
IBAN (International Bank Account Number)
Following the ISO 13616:2007 standard.
|
optional
|
optional
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
The name of the account owner.
|
optional
Code assigned by central bank to identify bank that account is associated with.
Multiple bank code formats are supported.
|
optional
Name of bank which account belongs to.
|
optional
BIC - business identifier code for banks and other institutions.
Following the ISO9362 standard.
|
optional
The account number issued by the bank.
|
optional
The nickname for the payment method that the customers gives, if applicable.
|
important
The time that the card was saved to the customer's account. (Not the card start date.)
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
|
Others - deprecated.
Show definition
|
required
Other method type indicator.
One of:
voucher , bitcoin , transfer , paysafe , cheque , or edenred .
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
optional
When the payment method was added to the customer's account.
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
A unix timestamp preferably as an
integer count of milliseconds since 1970-01-01T00:00 UTC
(nanoseconds are also accepted).
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The nickname for the payment method that the customers gives, if applicable.
|
deprecated
If the payment method has been banned
|
deprecated
Whether the payment method is active for use by this account
|
|
Removal: Used for marking a saved payment method as removed from the account.
Show definition
|
required
A unique identifier for this payment, specific to this customer. Two
customers should not use the same paymentMethodId.
|
required
False to indicate the payment method has been deactivated.
Only:
false .
|
|
optional
The device used by the customer to trigger this update.
Show definition
|
required
The ID of the device used by the customer to trigger this update.
|
important
The IP address of the device connecting to your services. Used in fraud and account-takeover detection.
When extracting this IP address, consider X-Forwarded-For .
|
optional
|
important
The browser user-agent string, if the device represents a web browser - window.navigator.userAgent .
|
important
|
important
The operating system that the device is running.
|
optional
One of:
computer , phone , or tablet .
|
optional
|
optional
The geolocated position of the device.
Show definition
|
important
|
important
The postal or zip code. If provided without latitude or longitude, Ravelin will perform coarse geolocation in some countries.
|
important
The latitude of the location.
|
important
The longitude of the location.
|
optional
The name of the person that will accept delivery of goods to this address.
|
optional
The street address of the location.
|
optional
The street address of the location.
|
optional
The neighbourhood of the location.
|
optional
The zone of the location.
|
optional
|
optional
The state/county of the location.
|
optional
The PO box number related to the location.
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The geohash of the location.
|
|
optional
Custom data that is relevant to your domain. This can be any json object.
Please include any details that you think are relevant to fraud that our
schema does not capture.
|
deprecated
The name of the web browser being used, if applicable. Prefer userAgent .
|
javascriptEnabled
boolean
deprecated
Whether Javascript is enabled on the web browser.
|
deprecated
Whether cookies are enabled on the web browser.
|
deprecated
The resolution of the screen on the device in the format XxY
|
|
optional
The ID of the device used by the customer to trigger this update.
|